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Remarks 

I. Introduction 

This is in response to the Office Action dated September 25, 2007. The 
Office Action objected to claims 1-11 because of informalities. The Office Action 
also rejected claims 1, 5-7, 9, 10, 12 and 17 under 35 U.S.C. §112, second 
paragraph, as being indefinite for failing to particularly point out and distinctly 
claim the subject matter which Applicant regards as the invention. The Office 
Action also rejected claims 1, 3-6, 8-13, and 15-19 under 35 U.S.C. §1 02(b) as 
being anticipated by WO 02/25402 (Donaghey), under 35 U.S.C. §102(e) as 
being anticipated by U.S. Patent Publication No. 2004/0250124 (Chesla), and 
also under 35 U.S.C. §1 02(e) as being anticipated by U.S. Patent Publication No. 
2003/0172145 (Nguyen). The Office Action additionally rejected claims 2, 7, and 
14 under 35 U.S.C. §1 03(a) as being unpatentable over Donaghey in view of 
"Official Notice", over Chesla in view of "Official Notice", and over Nguyen in view 
of "Official Notice". 

In response to the objections to claims 1-11, Applicants amend claims 1 , 
6, and 7. In response to the §1 12 rejections, Applicants amend claims 1, 5-7, 9, 
10 and 17. Applicants traverse the §102 and §103 rejections. Claims 1-19 are 
pending. 

II. Objections to Claims Due to Informalities 

The Office Action objected to claims 1-1 1 because of informalities, stating 
that '"adapted to' should be replaced with a gerund in order to make the limitation 
more positive for examination." Applicants respectfully disagree and submit that 
"adapted to" (as well as "configured to") is proper claim language for an 
apparatus claim. Applicants respectfully submit that replacing "adapted to" or 
"configured to" with a gerund may be appropriate for a method claim, but is not 
appropriate since the claim is an apparatus claim. To expedite prosecution, 
however, Applicants have amended claims 1 , 6, and 7 by replacing "adapted to" 
with "configured to". No new matter has been added. 
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III. Rejections under 35 U.S.C. S1 12 

The Office Action also rejected claims 1, 5-7, 9, 10, 12 and 17 under 35 
U.S.C. §112, second paragraph, as being indefinite for failing to particularly point 
out and distinctly claim the subject matter which Applicant regards as the 
invention. Applicants have amended claims 1, 5-7, 9, 10 and 17 in response to 
the §112 rejections. No new matter has been added. 

Dependent claim 12 was rejected because "the terms 'black-holing', 'non- 
black-holing' ... is a relative term, which renders the claim indefinite. It is not 
apparent, as per the claimed invention, distinction of black-holing versus non- 
black-holing for the routers." (Office Action, page 3). 

Applicants respectfully disagree. Dependent claim 12 claims, in part: 

responding to said instruction, by a plurality of routers within 
said ISP network, such that a first number of routers become 
black-holing routers and a second number of routers become 
non-black-holing routers. 

Applicants respectfully submit that it is clear that "black-holing routers" are 
one type of router and "non-black-holing routers" are another type of router. 
"Black-holing routers" and "non-black-holing routers" are specifically defined in 
the Specification on page 1 1 , lines 9-1 1 as follows: 

A black-holing router is a router that installs the black-hole route 
to router 22 into its routing table and a non-black-holing router is 
a router that installs the original route to the system-under- 
attack's IP address into its routing table. 

Applicants respectfully submit that dependent claim 12 is definite as the 
meaning of the terms "black-holing" and "non-black-holing" is clear from the 
description, and that the claim satisfies all requirements of 35 U.S.C. §112. As a 
result, Applicants request removal of the 35 U.S.C. §112 rejections. 

IV. Rejections under 35 U.S.C. §102 

The Office Action also rejected claims 1, 3-6, 8-13, and 15-19 under 35 
U.S.C. §1 02(b) as being anticipated by WO 02/25402 (Donaghey), under 35 
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U.S.C. §102(e) as being anticipated by U.S. Patent Publication No. 
2004/0250124 (Chesla), and also under 35 U.S.C. §1 02(e) as being anticipated 
by U.S. Patent Publication No. 2003/0172145 (Nguyen). 

In order for a claim to be anticipated under 35 U.S.C. §102, each and 
every limitation of the claim must be found either expressly or inherently in a 
single prior art reference. PIN/NIP. Inc. v. Platte Chem. Co. . 304 F.3d 1235, 
1243 (Fed. Cir. 2002). In the present case, neither Donaghey, Chesla, nor 
Nguyen shows each and every limitation of claims 1, 3-6, 8-13, and 15-19. 
Therefore, Applicants request the withdrawal of the rejections under 35 U.S.C. 
§102. 

The present invention relates to selectively black-holing attack traffic so 
that some of the traffic destined for an IP address under a DDoS attack continues 
to go to the IP address under attack while other traffic, destined for the same IP 
address, is rerouted via BGP sessions to a black-hole router. Such a selective 
black-holing scheme can be used to allow some traffic to continue in route to the 
IP address under attack, while other traffic is diverted. 

Donaqhev 

Amended independent claim 1 claims, in part: 

a black-hole router in communication with said plurality of 
routers, said black-hole router configured to have a bogus IP 
address that is same as said first IP address, said bogus IP 
address having a preference higher than a preference for said 
first IP address. 

Donaghey does not disclose this limitation. Briefly, Donaghey discloses a 
system that protects communication networks and devices against denial of 
service (DoS) attacks. A service provider receives a signal indicating that a DoS 
attack has been detected, receives one or more packets intended for a victim 
device, and transmits the one or more packets to a triage device. The triage 
device determines whether each of the one or more packets is part of the DoS 
attack and forwards only packets that are deemed unrelated to the DoS attack to 
the victim device. (Abstract). 
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The Office Action states that Donaghey discloses the above 
limitation on page 4. Page 4 of Donaghey discloses a triage device which 
receives one or more packets and determines whether each of the one or 
more packets is part of a denial of service attack. If the packet is part of 
the DoS attack, the triage device may discard the packet. If the packet is 
not part of the DoS attack, the triage device forwards the packet to a 
target device. Even if the Examiner considers Donaghey's triage device 
as a black-hole router, page 4 of Donaghey does not disclose the IP 
address of Donaghey's triage device being the same as another router. 
Furthermore, page 4 of Donaghey does not disclose the address of 
Donaghey's triage device having a preference higher than a preference for 
the IP address of another router. 

Amended independent claim 1 also claims, in part: 

wherein either one of said plurality of routers or said black- 
hole router is configured to inject a black-hole route scheme into 
a dynamic routing protocol used by said ISP network such that 
selected ones of said plurality of routers route traffic to said 
bogus address of said black-hole router. 

Donaghey does not disclose this limitation either. The Office Action 
states that Donaghey discloses this limitation on page 7 of Donaghey. 
Page 7 of Donaghey discloses its network traffic being routed through the 
triage device when a DoS attack has been detected. (Donaghey, lines 17- 
19). Page 7 of Donaghey does not, however, disclose the selective 
routing of traffic to a black-hole router. Specifically, Donaghey does not 
disclose " selected ones of said plurality of routers route traffic to said 
bogus address of said black-hole router," (emphasis added) as claimed in 
amended independent claim 1 . Instead, Donaghey discloses that all traffic 
goes through the triage device when a DoS attack has been detected and 
the triage device itself determines whether to forward each packet to the 
target device. Thus, Donaghey's triage device is another stop for each 
packet before reaching Donaghey's target device. This is different than 
amended independent claim 1 because amended independent claim 1 
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claims that selected routers route traffic to the "bogus address of said 
black-hole router." Thus, instead of all traffic going to Applicants 1 black- 
hole router, only some of the traffic (associated with the selected routers) 
gets transmitted to Applicants' black-hole router. 

Additionally, Applicants respectfully request that, if the Examiner 
persists with these rejections, the Examiner specifically cite the particular 
line numbers of Donaghey that the Examiner believes discloses the cited 
claim limitation instead of just the page numbers so that Applicants can 
fully respond to this rejection. 

Chesla 

Chesla also does not disclose the limitations claimed in amended 
independent claim 1 . As stated above, amended independent claim 1 
claims, in part: 

a black-hole router in communication with said plurality of 
routers, said black-hole router configured to have a bogus IP 
address that is same as said first IP address, said bogus IP 
address having a preference higher than a preference for said 
first IP address. 

Briefly, Chesla discloses a method for protecting a network from an 
attack by measuring a property of traffic entering the network, and 
analyzing the property using at least one fuzzy logic algorithm in order to 
detect the attack. (Abstract). The Office Action states that Chesla 
discloses the above limitation on page 4. Applicants respectfully disagree. 
Page 4 of Chesla discloses a variety of subject matters, as it is part of 
Chesla's Summary of the Invention. 

Paragraphs [0050] through [0052] of Chesla, along with the rest of 
Chesla's page 4, are directed to applying fuzzy logic to a characteristic or 
property of traffic. Page 4 of Chesla does not, however, disclose an IP 
address of one of Chesla's routers being the same as another router. 
Furthermore, page 4 of Chesla does not disclose the address of one 
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router having a higher preference relative to the preference of a second 

router, as claimed in amended claim 1 . 

As stated above, amended independent claim 1 also claims, in part: 

wherein either one of said plurality of routers or said black- 
hole router is configured to inject a black-hole route scheme into 
a dynamic routing protocol used by said ISP network such that 
selected ones of said plurality of routers route traffic to said 
bogus address of said black-hole router. 

Chesla does not disclose this limitation either. The Office Action 
states that Chesla discloses this limitation on page 4 of Chesla. Page 4 of 
Chesla does not disclose the selective routing of traffic to a black-hole 
router. Specifically (and like Donaghey), Chesla does not disclose 
" selected ones of said plurality of routers route traffic to said bogus 
address of said black-hole router," (emphasis added) as claimed in 
amended independent claim 1 . 

Additionally, Applicants respectfully request that, if the Examiner 
persists with these rejections, the Examiner specifically cite the particular 
paragraph(s) of Chesla that the Examiner believes discloses the cited 
claim limitation instead of just the page numbers so that Applicants can 
fully respond to this rejection. 

Nguyen 

Nguyen also does not disclose the limitations claimed in amended 
independent claim 1 . As stated above, amended independent claim 1 
claims, in part: 

a black-hole router in communication with said plurality of 
routers, said black-hole router configured to have a bogus IP 
address that is same as said first IP address, said bogus IP 
address having a preference higher than a preference for said 
first IP address. 

Nguyen discloses a system and method for developing and 
implementing ISP architectures. One embodiment of a method for 
designing and implementing ISP architectures may include formulating a 
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set of design requirements for an ISP architecture, establishing an 
architectural model for the ISP architecture using the set of design 
requirements, generating a logical design for the ISP architecture from the 
architectural model and the set of design requirements, and generating a 
physical design for the ISP architecture using the architectural model and 
the logical design. One embodiment may also include selecting one or 
more components of the ISP architecture and implementing the ISP 
architecture according to the logical design and the physical design. In 
one embodiment the system and method for designing, developing and 
implementing ISP architectures may be used to design, develop and 
implement an N-tiered ISP architecture. (Abstract). 

The Office Action states that Nguyen discloses the above limitation 
at page 6 of Nguyen. Page 6 of Nguyen, however, does not disclose the 
above limitation. Specifically, page 6 of Nguyen is part of the Brief 
Description of the Drawings section and is directed to a variety of subject 
matters. 

Nguyen also does not disclose the limitation of: 

wherein either one of said plurality of routers or said black- 
hole router is configured to inject a black-hole route scheme into 
a dynamic routing protocol used by said ISP network such that 
selected ones of said plurality of routers route traffic to said 
bogus address of said black-hole router. 

as claimed in amended independent claim 1 . The Office Action states that 
Nguyen discloses this limitation at page 7. Page 7 of Nguyen includes 
paragraphs about "Designing, Developing, and Implementing ISP 
Architectures". Page 7 of Nguyen does not, however, disclose the above 
limitation. Applicants respectfully request that, if the Examiner persists 
with these rejections, the Examiner specifically cite the particular 
paragraph(s) of Nguyen that the Examiner believes discloses the cited 
claim limitation instead of just the page numbers so that Applicants can 
fully respond to this rejection. 
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Independent claims 6 and 12 contain limitations that are similar to 
the limitations claimed in amended independent claim 1 and are allowable 
for the reasons described above. 

All remaining claims are dependent upon an allowable independent claim 
and are therefore also allowable. Dependent claims 5 and 16 are also allowable 
for at least the following additional reasons. 

Dependent claims 5 and 16 relate to changing the selected ones of the 
plurality of routers in real-time by injecting a new black-hole route scheme into 
the dynamic routing protocol. The Office Action states that Donaghey discloses 
this limitation at page 7 and page 9. These pages of Donaghey disclose routing 
packets through Donaghey's triage device but do not disclose this limitation. The 
Office Action states that Chesla discloses this limitation on page 4 and page 6. 
Neither of these pages of Chesla, however, disclose the limitation claimed in 
dependent claims 5 and 16. The Office Action also states that Nguyen discloses 
this limitation at page 7. Page 7 of Nguyen does not disclose this limitation. As a 
result, dependent claims 5 and 16 are allowable over Donaghey, over Chesla, 
and over Nguyen. 
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• VI. Conclusion 

For the reasons discussed above, all pending claims are allowable over 
the cited art. Reconsideration and allowance of all claims is respectfully 
requested. 
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